From 548c4a6587fe517f3a66756407946335636cd044 Mon Sep 17 00:00:00 2001
From: Erik Johnston <erik@matrix.org>
Date: Fri, 26 Mar 2021 12:17:37 +0000
Subject: [PATCH] Update cahngelog

---
 CHANGES.md | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index f371f756d..2adff4263 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,8 +1,20 @@
 Synapse 1.30.1 (2021-03-26)
 ===========================
 
-This is a security release to ensure that Synapse is running with a
-`cryptography` package built against a patched version of OpenSSL.
+This release is identical to Synapse 1.30.0, with the exception of explicitly
+setting a minimum version of Python's Cryptography library to ensure that users
+of Synapse are protected from the recent [OpenSSL security advisories](https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html),
+especially CVE-2021-3449.
+
+Note that Cryptography defaults to bundling its own statically linked copy of
+OpenSSL, which means that you may not be protected by your operating system's
+security updates.
+
+It's also worth noting that Cryptography no longer supports Python 3.5, so
+admins deploying to older environments may not be protected against this or
+future vulnerabilities.
+
+
 
 
 Updates to the Docker image